Popular stories of the week 📈
🇺🇦 Tech giant Cisco built special device to help Kyiv ward off cyberattacks on power grid
In April 2023, Cisco provided Ukraine with special prototype devices to protect its power grid from Russian cyberattacks. Developed in collaboration with experts over 8 months, these pizza box-sized devices, valued at $1 million each, were shipped for free on a US plane carrying humanitarian aid to Poland, near Ukraine. Joe Marshall from Cisco emphasized the importance of their contribution to Ukraine’s resilience during the ongoing conflict.
🐾 New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login
New research by Blackwing Intelligence reveals vulnerabilities in Windows Hello fingerprint sensors on Dell, Lenovo, and Microsoft laptops. These flaws, found in Goodix, Synaptics, and ELAN sensors, could enable attackers to bypass authentication. The study highlights the sensors’ susceptibility to spoofing and replay attacks, despite protections like Microsoft’s Secure Device Connection Protocol. The researchers emphasize the need for better implementation and auditing of these security measures.
⚠️ General Electric investigates claims of cyber attack, data theft
General Electric (GE) is investigating a cyberattack where a hacker, IntelBroker, claims to have breached GE’s development environment and stolen data, including military information. The hacker attempted to sell access to GE’s systems and data on a hacking forum. GE is looking into the alleged data leak, with the breach yet to be confirmed. IntelBroker is known for previous high-profile cyberattacks, including breaches of Weee! grocery service and the D.C. Health Link program.
Cybersecurity firm executive pleads guilty to hacking hospitals
Vikas Singla, former COO of Securolytics, has pleaded guilty to hacking two Gwinnett Medical Center hospitals in 2018 to promote his company. His attack disrupted services and stole over 200 patients’ data, causing over $817,000 in losses. Singla used the incident to market Securolytics, even tweeting stolen patient data. He agreed to pay restitution and faces a recommended 57-month probation sentence due to his serious health conditions, although the maximum sentence could be 10 years.
Best Podcast episodes of the week 🎙️
Smashing Security podcast #349: Ransomware gang reports its own crime, and what happened at OpenAI?
Who gets to decide who should be the CEO of OpenAI? ChatGPT or the board? Plus a ransomware gang goes a step further than most, reporting one of its own data breaches to the US Securities and Exchange Commission. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Patching the System: Can governments protect us from dangerous software bugs?
Season 2, Episode 5 of “Patching the System,” produced with Microsoft, explores how software vulnerabilities are identified and reported. The episode, featuring experts like Dustin Childs and Serge Droz, discusses the role of government regulators and the efficacy of coordinated disclosure processes in enhancing online peace and security. The podcast is part of a series highlighting the Cybersecurity Tech Accord’s efforts towards a safer cyber world.
Srsly Risky Biz: Death by a thousand cuts
In this podcast, Adam Boileau and Tom Uren talk about the rise of the Indian hack-for-hire industry. It doesn’t get the same attention that high-profile iPhone ‘zero-click’ hacking does, but it’s a global scourge that undermines legal processes. They also discuss the AlphV ransomware group reporting a company to the SEC for not disclosing a breach that it caused.
Open Source Projects for security 🔐
Ransomware Response Checklist by CISA
CISA’s Ransomware Response Checklist, part of the #StopRansomware Guide, provides a comprehensive process for addressing ransomware incidents. Key steps include detecting and analyzing the attack, isolating affected systems, triaging for restoration, and examining detection systems for additional threats. It emphasizes containment and eradication, including preserving evidence, disabling malware, and rebuilding systems. Post-incident activities involve recovery from backups, documenting lessons learned, and sharing information with relevant authorities.
PuTTY
PuTTY is a free, open-source SSH and telnet client for Windows, developed by Simon Tatham. It facilitates secure remote access to computers over networks and is widely used for its simplicity and versatility in network administration. It supports various network protocols like SSH, SCP, and SFTP, making it a go-to tool for secure remote operations.
pfSense
The pfSense project offers a free, FreeBSD-based network firewall distribution with a custom kernel and third-party software packages, rivaling the functionality of major commercial firewalls. It features a user-friendly web interface, eliminating the need for UNIX knowledge or command-line use. Originating as a fork of the m0n0wall Project in 2004, pfSense has significantly evolved and is available under an open-source license, with support options and hardware appliances for sale.